Computer Forensics Schools

Open Computer Forensics Architecture (OCFA) is a modular computer forensics framework built by the Dutch National Police Agency. The main goal is to automate the digital forensic process to speed up the investigation and give tactical investigators direct access to the seized data through an easy...
Platforms: *nix

SecretBurner is a system utility that destroys all sensitive or confidential information on your computer. SecretBurner's secure delete and wipe algorithms make it impossible for your data to be undeleted or recovered by any known computer forensics technique. SecretBurner lets you permanently...
Platforms: Windows

dc3dd is a patched version of GNU dd to include a number of features useful for computer forensics. Many of these features were inspired by dcfldd, but were rewritten for dc3dd. Pattern writes. The program can write a single hexadecimal value or a text string to the output device for wiping...
Platforms: *nix

Thumbs.db Viewer was written to give the computer user tools to reconstruct Thumbs.db, ehthumbs.db, thumbcache_*.db (Windows Vista,Windows 7) and iconcache_*.db (Windows 8/10) database records.
Thumbs.db is a hidden system file generated automatically by Windows when you view the contents of a...
Platforms: Windows, Windows 7, Other

FINALeMAIL scans the email database file and locates lost emails that do not have data location information associated with them. FINALeMAIL has the capability of restoring lost emails and restoring them to their original state. Not only can FINALeMAIL recover single email messages it can also...

The "Recycle Bin" icon on your Windows desktop allows you to recover deleted files. Unfortunately, there are many possible situations when the Recycle Bin is useless. Just a few examples: Windows cannot access a disk drive. A disk volume containing valuable info was damaged due to a system...
Platforms: Windows

DEFT (acronym of Digital Evidence & Forensic Toolkit) is a customized Linux distribution of the Kubuntu live Linux CD. It is a very easy to use system that includes an excellent hardware detection and the best open source applications dedicated to incident response and computer forensics....
Platforms: *nix

FIRST LIVE primarily it is to assist law enforcement agencies and its officer to combat cyber terrorism and other malicious activities. FIRST LIVECD usage and application can be also extended to private organizations and individuals who are need alternative in securing their network and computer...
Platforms: *nix

Trinux is a ramdisk-based Linux distribution that boots from a single floppy or CD-ROM, loads it packages from an HTTP/FTP server, a FAT/NTFS/ISO filesystem, or additional floppies. Trinux contains the latest versions of popular Open Source network security tools for port scanning, packet...
Platforms: *nix

OSForensics is a new digital investigation tool which lets you extract forensic data or uncover hidden information from computers. OSForensics has a number of unique features which make the discovery of relevant forensic data even faster, such as high-performance deep file searching and indexing,...
Platforms: Windows